How to use wire data analytics to build a progressive cybersecurity plan
The risks caused by advanced security threats are echoing across corporate boardroom suites. Business leaders are keenly aware of the huge risks caused by security threats, and it’s clear that perimeter-based security tools aren’t enough to effectively deal with today’s hackers.
What you may not know is that most hacker intrusions come through one of three vectors: email, a web site, or removable media. Once a hacker is in your network, their goal is to create backdoors, get a stronger foothold, and make it hard for you to detect them, all while they navigate to the data they want.
You need to know your network better than a hacker. The ability to continuously monitor communication between systems inside your network, referred to as ‘east-west’ traffic, is a huge part of knowing your network better than any hacker.
If your team is relying on endpoint protection and antivirus software, those tools won’t protect against the methods hackers use to gain control.
Topics of Discussion
How to detect ransomware activity across all NAS systems, file shares, and shared drives
Use of DNS surveillance to identify malware and exfiltration
See and search on who received malicious files and the IP addresses hosting malware
Why look to unmatched visibility into East-West and North-South traffic
Best practices to detect and stop attacks within minutes
Kanen Clement is an experienced systems engineer based out of Nashville, TN with a degree in computer science and a strong background in Healthcare IT operations and higher education. Prior to joining ExtraHop, Kanen worked as a Systems Architect for a large healthcare system. He prides himself on having a broad technical skill-set and a knack for problem-solving. Most of all, he enjoys exploring the world of wire data with his customers and watching their reactions to the unbelievable insights it provides. He is a frequent contributor to ExtraHop white papers using real-world experience. His most recent article details using ExtraHop’s Ransomware Detection Bundle and Precision Packet Capture to recover encrypted files and can be found here: https://www.extrahop.com/community/blog/2016/recover-ransomware-encrypted-files-from-packet-capture/